Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0989 5 Redhat, Trustix, Ubuntu and 2 more 7 Enterprise Linux, Fedora Core, Secure Linux and 4 more 2025-04-03 N/A
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
CVE-1999-1564 1 Freebsd 1 Freebsd 2025-04-03 N/A
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
CVE-2000-0033 1 Trend Micro 1 Interscan Viruswall 2025-04-03 N/A
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
CVE-2000-0034 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVE-2000-0035 1 Great Circle Associates 1 Majordomo 2025-04-03 N/A
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
CVE-2000-0037 1 Great Circle Associates 1 Majordomo 2025-04-03 N/A
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
CVE-1999-0308 1 Hp 1 Hp-ux 2025-04-03 N/A
HP-UX gwind program allows users to modify arbitrary files.
CVE-2002-0712 1 Entrust 1 Entrust Authority Security Manager 2025-04-03 N/A
Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.
CVE-2000-0038 1 Glftpd 1 Glftpd 2025-04-03 N/A
glFtpD includes a default glftpd user account with a default password and a UID of 0.
CVE-2002-0722 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing."
CVE-2002-1966 1 My Postcards 1 My Postcards Platinum 2025-04-03 N/A
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2000-0039 1 Altavista 1 Search Intranet 2025-04-03 N/A
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
CVE-2000-0041 1 Apple 1 Macos 2025-04-03 N/A
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
CVE-2000-0044 1 Jgaa 1 Warftpd 2025-04-03 N/A
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
CVE-2002-0733 1 Acme Labs 1 Thttpd 2025-04-03 N/A
Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
CVE-2002-1970 1 Snortcenter 1 Snortcenter 2025-04-03 N/A
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.
CVE-2000-0045 1 Oracle 1 Mysql 2025-04-03 N/A
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
CVE-2000-0047 1 Yahoo 1 Pager 2025-04-03 N/A
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
CVE-2000-0049 1 Nullsoft 1 Winamp 2025-04-03 N/A
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-2002-0735 2 C-note, Padl Software 3 Squid Auth Ldap, Nss Ldap, Pam Ldap 2025-04-03 N/A
Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.